Bearer/bearer v0.24.0

on GitHub

Highlights

• Javascript alpha support: we are releasing the base work to support javascript. We will add more rules and fine-tune the results in the coming weeks.

• Curio Privacy Report: a generic compliance-oriented report to help engineering teams fulfill the requirements from security and legal regarding GDPR, CCPA, HIPAA, and various other privacy laws and regulations

• New logger supports for Ruby: #366

  • Bugsnag
  • Honeybadger
  • Rollbar
  • Airbrake
  • Scout APM
  • Open Telemetry

• New Analytics Environment Support #459

  • Algolia
  • Elasticsearch
  • Segment

• We are introducing "Warning" for less critical rules that shouldn't break CI/CD.

Changelog

• 7d2ba8e chore(deps): bump docker/build-push-action from 3 to 4 (#496)
• 16a5395 chore(deps): bump github.com/fatih/color from 1.14.0 to 1.14.1 (#465)
• 7f6646d chore(deps): bump github.com/go-git/go-billy/v5 from 5.4.0 to 5.4.1 (#495)
• f2bc4d6 chore(deps): bump google.golang.org/api from 0.108.0 to 0.109.0 (#497)
• faa5b94 chore: Run Ruby-only policies scan as part of battle testing (#391)
• 5c0b2b8 chore: clean up (#475)
• 63a61b2 chore: clean up common.rego (#530)
• c312804 chore: clean up rules (#498)
• f4eab08 chore: hardcode worker options and remove flags (#477)
• e3e2df0 ci(battletest): collect summary output for javascript (#552)
• 9e8ed9c ci(battletest): remove duplicates in JS repo list (#548)
• 54c841b docs(feat): add 404 page (#523)
• e289d29 docs(fix): change terminology on support page (#505)
• f050c4f docs(issues): update template (#534)
• 77b6a4d docs(privacy report): add privacy report and clean up reports docs (#494)
• c7bf7d5 docs(readme): update Debian installation step (#550)
• a55ff8c feat(classification): improve classification (#506)
• e86b4c0 feat(privacy report): Add subject name to datatype (#468)
• 52483c8 feat(privacy report): Subjects inventory (#472)
• 601a81d feat(privacy report): Third party inventory report (#476)
• 8fd0b5d feat(privacy report): merge subjects and third party reports (#488)
• 1fea8d8 feat(privacy report): pass flag option for subject mapping override (#478)
• 685179c feat(ruby rules): add third-party airbrake rule for notify methods (#514)
• a4493e4 feat(rules): Add warning level to severity (#491)
• e43255c feat(rules): add exception rule in ruby (#486)
• 56858f2 feat(rules): add file_generation rule for JS (#546)
• a5e8d74 feat(rules): add js rules for exceptions (#540)
• 80ad701 feat(rules): add sentry rules (#526)
• 2b68726 feat(summary report): Add flag for severity levels (#493)
• 432bfc6 feat(summary): improve output and fix some display issues (#537)
• e34ab52 feat: add bugsnag and honeybadger support (#509)
• b4de9e4 feat: add javascript jwt support (#549)
• 31c7c93 feat: add javascript support (#452)
• 76ed30f feat: add more level for logger (#492)
• 2f360bb feat: add ruby open telemetry rule (#520)
• 5f9935f feat: add ruby rollbar rule (#515)
• 2775636 feat: add ruby segment rule (#539)
• 616e581 feat: cookie rule (#517)
• d8aec7f feat: improve cookie rule (#521)
• 8293485 feat: improve report summary (#513)
• 456e82c feat: match equivalent ruby syntax (#474)
• 3130734 feat: ruby algolia rule (#522)
• 7a6de2e feat: ruby datadog rule (#516)
• 3c659e9 feat: ruby elasticsearch rule (#535)
• e683593 feat: ruby scout apm rule (#518)
• cbbf298 feat: warn when cached data is used (#500)
• 74b837a feat: weak encryption javascript (#525)
• b62642f fix(docs): add remediation message for newrelic (#481)
• d838b2f fix(privacy report): fix Rules Passed spacing (#507)
• d17d919 fix: add mapping for rule severity to category (#538)
• 2a9ce4c fix: consider severity flag for JSON and YAML format (#512)
• e198667 fix: fix failure ordering (#536)
• 9bd17e4 fix: improve ruby object detection (#542)
• c6c7bf5 fix: remove mention of dataflow from launch copy (#531)
• a83d7e7 fix: resolve homedir when loading external rules (#541)
• a821e2f fix: use snakecase in privacy report (#511)